|
Measures reported by FTMGSocksTest
Socket Secure (SOCKS) is an Internet protocol that routes network packets between a client and server through a proxy server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. The Forefront TMG can perform itself as a SOCKS Server or a SOCKS proxy. The SOCKS filter provided with Forefront TMG forwards requests from SOCKS applications to the Microsoft Firewall service. Forefront TMG checks the access policy rules to determine if the SOCKS client application can communicate with the Internet. When you install Forefront TMG, the SOCKS filter is disabled for all networks. You can configure Forefront TMG to listen for SOCKS requests on any port after enabling the SOCKS filter. Using the FTMGSocksTest test, you can identify the number of active connections and sessions that are connected using the SOCKS protocol; the rate at which data is read from and written to the client. In addtition, this test reveals the rate of pending DNS resolutions and those DNS resolutions that were successful.
The measures made by this test are as follows:
| Measurement |
Description |
Measurement Unit |
Interpretation |
| ActiveConn |
Indicates the total number of active connections (connected through SOCKS protocol) that are currently passing data through this firewall. |
Connections/sec |
The value of this measure is incremented by one for each successfully established SOCKS connection and decremented by one if the SOCKS connection is terminated. |
| ActiveSession |
Indicates the total number of active sessions that are connected through SOCKS protocol. |
Sessions/sec |
|
| BytesRead_Sec |
Indicates the rate at which data is read from the client by the server when the connections are established through SOCKS protocol. |
KB/sec |
|
| BytesWrite_Sec |
Indicates the rate at which data is written to the client by the server when the connections are established through SOCKS protocol. |
KB/sec |
|
| ConnectConn |
Indicates the number of connections that are currently waiting for a remote computer to connect to using the SOCKS protocol. |
Connections/sec |
|
| ListenConn |
Indicates the rate at which the SOCKS filter listens for an incoming connection on a specified port, when a BIND command is issued to the SOCKS filter by a client. |
Connections/sec |
|
| PendingDNS |
Indicates the number of Winsock getaddrinfo() requests that are currently pending per second. |
Connections/Sec |
A low value is desired for this measure. These requests resolve host DNS names and IP addresses for SOCKS connections. |
| SuccessDNS |
Indicates the number of DNS resolution requests made using SOCKS protocol that are currently resolved per second. |
Connections/Sec |
A high value is desired for this measure. |
|